In the previous article we came to know about the internet and the transaction security.In this article we will see the security of credit card payment through the internet.
Encrypted credit-card numbers aren't valuable enough by themselves, however, to pay for the compute time spent to attack them. A few years ago someone attempted to sell a large collection of valid credit-card numbers to an undercover FBI agent, who bought them for the modest sum of $2.50 per number. That price hardly justifies the effort needed to decrypt them. Besides, in the United States, a credit card's owner is only liable for $50 in losses if the number is used fraudulently; the bank that issued the card or the merchant who accepted the purchase absorbs the rest of the loss. Thus, for most people, 40-bit keys are probably strong enough to protect their credit-card numbers.
Such keys aren't strong enough to protect everything, however. Fortunately, most browsers can use 128-bit keys, which offer 10 possible keys. Netscape and Microsoft offer these browsers as an option to U.S. and Canadian citizens, and other vendors offer similar software overseas. The secret-key algorithms work just as fast with 128-bit keys as they do with the shorter and easier-to-attack keys, and cracking a 128-bit key using today's computers would take at least a quintillion years.
Given that the 128-bit keys are as fast as and far safer than 40-bit keys, why do any browsers still use 40-bit keys? The answer is that Federal export laws mandate the weaker keys. Following World War II, U.S. officials declared all encryption devices weapons of war, and the State Department assumed authority to control their export. When Netscape developed SSL several years ago, the State Department granted the company permission to export only SSL software that used 40-bit secret keys, which are too short to use for military purposes.
In the 
